App Review Norton Security 22.22.8.15

It is advised to take all reviews with a grain of salt. In extreme cases some reviews use dramatization for entertainment purposes.
Content created by
Shadowra
F

ForgottenSeer 95367

I think you should re-read what I wrote, and what I was quoting, because your response covered none of it.
You posted:

Good protection, but questionable privacy and nagging. Thanks for the test.
"It was questionable BEFORE the Avast buyout. I'd downgrade it to "laughable" at this point."

The way you called it "laughable" applies to Norton's privacy, nagging and protection.

It's not a big deal.
 
  • Like
Reactions: Nevi and roger_m

Sorrento

Level 13
Verified
Top Poster
Well-known
Dec 7, 2021
625
I don't modify the Firewall, however the Firewall is probably the easiest to block / allow applications of any AV - As for nags it's simple to change this in administration by unchecking 'special offer notification' along with 'performance monitoring' - Nice review, & thank you !
 

Sorrento

Level 13
Verified
Top Poster
Well-known
Dec 7, 2021
625
Norton is decent. It is right there with Bitdefender and Kaspersky, unless you think a 1% difference between them is meaningful (it is statistically insignificant in real life events). Norton will stop a lot of attacks that Microsoft Defender cannot. For example, banking trojans and other financial malware attacks.

Norton has a lot of settings that must be adjusted manually, especially the firewall, to get the most out of it. In other words, Norton must be hardened just like every other internet security suite out there.

Security software is like anything else cybersecurity. Those that have the knowledge, and can act on that knowledge, stay safe while everybody else only stays safe because of probabilities.
Can you elaborate on which Firewall setting require manual changes please? :)
 

Jan Willy

Level 13
Verified
Top Poster
Well-known
Jul 5, 2019
607
Norton will stop a lot of attacks that Microsoft Defender cannot. For example, banking trojans and other financial malware attacks.
Possibly you're referring to the test published on Overview Of Techniques And Attacks In Windows 11 » AVLab Cybersecurity Foundation
This test is discussed in detail in the thread AVLab.pl - Test of security solutions in blocking attacks on Internet banking
If I understand correctly, banking by home users of MS Defender is rather safe when using MS Edge with enabled Smart Screen.
See post # 27 in abovementioned thread.
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Norton at default settings is fine, there is no need to change it.

It is inevitable to see some "specialists" recommending to change Behavior Blocker (old Sonar), heuristics and Boot Protection to Agressive, but they don't know what difference it actually makes, their thought process is very simple actually: "Maximum security is better, agressive settings ASAP".

But why? Minimum security gains with a much higher false positive rate probability; usability is an afterthought.

About the firewall, it is already very powerful, working in a two way mode (inbound and outbound control) receiving info about how to act via Insight Reputation (the old Quorum); by default it will always alert about unknown files, files with missing digital signature, files with invalid digital signature, files without a "trust" reputation that try to inject in vital Windows processes and so on.

In security forums we will always see people recommending to go with "maximum" settings (ESET is a prime victim), but they simple don't have a clue.

TL;DR - Stay safe and not paranoid.
 
F

ForgottenSeer 95367

If I understand correctly, banking by home users of MS Defender is rather safe when using MS Edge with enabled Smart Screen.
It is except for prolific downloaders and exploits. With a kernel or application exploit malicious files can be downloaded and run without Smart Screen making a peep. Banking trojans are traditionally delivered via weaponized Office documents and exploits. Smart Screen does not protect in those cases.
 
Last edited by a moderator:
F

ForgottenSeer 95367

Minimum security gains with a much higher false positive rate probability; usability is an afterthought.
Maximum settings in the firewall doesn't generate false positives. Usability is not affected.

About the firewall, it is already very powerful, working in a two way mode (inbound and outbound control) receiving info about how to act via Insight Reputation (the old Quorum); by default it will always alert about unknown files, files with missing digital signature, files with invalid digital signature, files without a "trust" reputation that try to inject in vital Windows processes and so on.
The Norton firewall is easily bypassed via scriptors that abuse processes that Norton rates as "Safe."

TL;DR - Stay safe and not paranoid.
Why spend your money on something if you are not going to use it to its full potential? Obviously there are those here that want to use Norton at maximum settings. Why does that bother you so much? Why do you care how others choose to use it?
 

Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
Maximum settings in the firewall doesn't generate false positives. Usability is not affected.


The Norton firewall is easily bypassed via scriptors that abuse processes that Norton rates as "Safe."


Why spend your money on something if you are not going to use it to its full potential? Obviously there are those here that want to use Norton at maximum settings. Why does that bother you so much? Why do you care how others choose to use it?

Lets see what you said about Norton settings:

Norton has a lot of settings that must be adjusted manually, especially the firewall, to get the most out of it. In other words, Norton must be hardened just like every other internet security suite out there


And that is no true at all, I respect your opinion and of course there is some merit to "agressive" settings, but it is much different when those settings are said to be a must, they arent, not even close.

So what Norton firewall settings need to be changed? And why?
 

Shadowra

Level 37
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,631
Maximum settings in the firewall doesn't generate false positives. Usability is not affected.


The Norton firewall is easily bypassed via scriptors that abuse processes that Norton rates as "Safe."


Why spend your money on something if you are not going to use it to its full potential? Obviously there are those here that want to use Norton at maximum settings. Why does that bother you so much? Why do you care how others choose to use it?

No need to change the settings... and the scripts can be blocked by SONAR or AMSI
 

Adrian Ścibor

From AVLab.pl
Verified
Well-known
Apr 9, 2018
220
Nicely done, good job :) Yes, Norton has good protection at stopping network attacks. Nevertheless, remember that payload and revTCP in Metasploit is easy to detect for any vendor. Nevertheless, it's always a good way to check something other than the method-deliver-malware-sociotechnique.
 
F

ForgottenSeer 95367

No need to change the settings... and the scripts can be blocked by SONAR or AMSI
Some, but not all; SONAR and AMSI are not absolute protections.

And that is no true at all, I respect your opinion and of course there is some merit to "agressive" settings, but it is much different when those settings are said to be a must, they arent, not even close.

So what Norton firewall settings need to be changed? And why?
There's some misunderstanding going on here. I've already explained that. I said "to get the most out of it (the firewall)." I also said for prolific downloaders and in the case of exploits. The default firewall behavior is default allow for ALL Microsoft processes, which is hardly optimal for security. I'm not going to deep dive into how to harden a firewall for outbound connections. There's lots of resources out there to use as a guide.
 
Last edited by a moderator:

Shadowra

Level 37
Thread author
Verified
Top Poster
Content Creator
Malware Tester
Well-known
Sep 2, 2021
2,631
Some, but not all; SONAR and AMSI are not absolute protections.

I didn't say otherwise 😉
But modifying won't do much good except create false positives.
Most users don't care about the settings, they install the antivirus, do the 1st update and forget about it.
Only computer geeks will mess with the settings
 

TedCruz

Level 5
Aug 19, 2022
176
The only thing I don't like so much about Norton is that it is highly dependent on the Internet, even the Behavioral Blocking support site says that without an Internet connection it doesn't work. From this point on, Bitdefender for me is the best because it has a high rate of offline detection, but other than that, Norton is excellent, there's nothing to complain about 🙂 .
What happens to boot persistence regarding the behavioral aspect of the detection? Does Norton holds all untrusted in check until net is established or does it let it pass? That could be it's weak point when dealing with a valid decryptor that decrypts a payload during boot.
 

TedCruz

Level 5
Aug 19, 2022
176
But who uses the computer these days without internet connection? And without internet it is impossible for you to be infected, unless you downloaded malware on another connected computer and put it on a pendrive to infect yours that is off 😆
Business individuals. You and your coworker are on a plane. The plane wifi is non existent, your coworker wants to transfer his presentation so you can work on it. He gives you their USB
 
  • Thanks
Reactions: Guilhermesene

Bumblebee Uncle

Level 3
Well-known
Mar 15, 2022
109
Maximum settings in the firewall doesn't generate false positives. Usability is not affected.


The Norton firewall is easily bypassed via scriptors that abuse processes that Norton rates as "Safe."


Why spend your money on something if you are not going to use it to its full potential? Obviously there are those here that want to use Norton at maximum settings. Why does that bother you so much? Why do you care how others choose to use it?
Why is it so difficult for you to not accept other people's opinions and disregard other security softwares/microsoft products etc! If everything is so bad, perhaps we can have a Furyo OS and/or a Furyo internet security suite?
 
F

ForgottenSeer 95367

Why is it so difficult for you to not accept other people's opinions and disregard other security softwares/microsoft products etc! If everything is so bad, perhaps we can have a Furyo OS and/or a Furyo internet security suite?
I never said that there was anything bad about Norton. I could care less what others think, but whenever someone posts an inaccurate or false fact, then I am going to respond. This thread is a perfect example of fanbois getting upset and derailing the discussion.
 

franz

Level 9
Verified
Well-known
May 29, 2021
433
Hello and welcome to the Norton test!
Norton is an American antivirus, very well known to the public.
It has been offering software capable of protecting the user for years.
In this version, no change in security, but the interface has been slightly modified.
White, blue and icons have been modified.

Protection level: Norton is still formidable!
It stopped all attacks submitted!
Nothing is passed (the installer is a false positive, which I did not count and which I stopped)

Still recommendable.



RAM Usage : Low
Malware URL test : 10/10 (All blocked)
Fake crack : 1/1 (Blocked : WS.Reputation.1)
Malware Pack : Remaining 13 files out of 215.
Norton blocks all threats at launch!
A file was launched but not counted, it was a false positive that I stopped.
PC clean

Resistance to script attacks: Yes

Result :
IObit : 0
KVRT : 0

Recommand : Recommended
System Clean : Yes system clean & protected

@Kiss request

I am now trying out Norton Security on one machine ;)
 

RoboMan

Level 35
Verified
Top Poster
Content Creator
Well-known
Jun 24, 2016
2,487
Thanks for the test. Norton is a great solid product. It is robust, light and most importantly, it doesn't bother you. It's been the perfect gaming replacement for Kasperksy in my case.

I've bought it and never regretted it since day one.

It brings to the table really good security, efffectiveness, lightness, and lets you play and work without interruptions or issues. I will keep choosing it till the day they change that.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top